Wipro Industrial Risk Management

Introduction to… Industrial and Critical Infrastructure Cybersecurity and Risks
Matt Bancroft
Industrial Risk Management Director
© 2015 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL
Industrial Cybersecurity
• Summary
• Challenges & Benefits
• Downstream Critical OT
• Industrial Control Past & present
• Industrial OT Environments
• Industrial Architectures &
SCADA
• Industrial Risk Management
Example Case Study
Summary
Industrial Control Systems and Information Technology have now converged, have become more complex and more connected, bringing risks.
There has been an explosion in the use of Information Technology in Industrial and Critical Infrastructures.
Security Supporting Key Business KPIs
SCOR METRICS
Layers of Defence
Plant Safety: Risk Management based upon a Layers Of Protection Analysis (LOPA) as described in IEC 61511 part 3 Annex F.
Security Defence in Depth: Based upon Defence In Depth, a layering tactic, conceived by the National Security Agency (NSA) as a comprehensive approach to information and electronic security.
Wipro IRM: Bespoke Industrial Security Risk Management. Business Focussed, Pragmatic, Risk Based, Defence in Depth approach across all Industrial cyber threat perimeters:
• Policies, Procedures, Awareness
• Physical: Gates, Walls, Locks
• Perimeter: Firewalls
• Network
• Computers and Devices
• Apps & Data
OT Cybersecurity Change Program Challenges
• Quantifying Risk to the Business
• Gaining investment in critical OT
• Building Collaboration and Trust between IT and OT teams
• Implementing security controls without impacting 24/7/365 operations
• Changing Organisation and Accountability
• Changing people’s behaviours
• Defining the scope of OT systems
• Improving Vendor Security Maturity and Support
Business Benefits Of Cybersecurity
• Foundations for Industry 4.0 innovation
• Manage risks to Business Operations
• Improve Production Continuity & KPIs
• Speed up innovation programs
• Improve quality and efficiency
• Integration and Standardisation
• Compliance: Regulatory & Third Party JV
Critical Downstream Operational Processes: Critical OT
Automation & Control Systems
• Integrated Control & Safety Systems
• Pump, compressor, Turbomachinery Control
• Boiler Control and Burner Management Systems
• Metering Systems
• Electricity Power Control Systems
• Power and Energy Management Systems
• Process Control and Optimization Systems
• Emission Monitoring Systems
• Condition & Performance Monitoring Systems
• Emergency Shutdown System (ESD)
• Fire and Gas System (F&G)
• Safe Guarding System (SGS)
• High Integrity Pressure Protection System
• Turbine Control and Protection
• Gas Analyzer System
• Tank Level System
• Alarm Management System
• Integrated Motor Control System
• Anti-Surge Control System
Operational Process
• Desalter
• Furnace
• Fractional Distillation
• Vacuum Flashing
• Coking
• Solvent Extraction
• Catalytic Cracking
• Hydrocracking
• Hydrotreating
• Catalytic Reforming
• Gas Plant
• Alkylation Plant
• Gasoline blending
• Isomerization unit
• Steam reforming
• Sweetening Unit
• Storage Tanks
• Utilities - Cooling Tower, Boiler, Electrical SS
• Wastewater collection and treating systems
Summary: Critical Processes & Critical OT
Industrial Control & Automation: The Past
• Unconnected to the Web
• Used proprietary hardware and software
• Secure through obscurity and isolation
Industrial Control & Automation: Present
• Converged IT and Industrial Control systems into Operational Technology (OT)
• This introduces additional Complexity
• IT and OT systems now Connect and communicate with each other.
SHODAN: You Are More Connected Than You Know
• The image shows the number of exposed internet-connected industrial control systems such as SCADA, found on SHODAN
• Many of these system owners are not aware of this connectivity or of the risks to their business
• Many may connect through third parties or through undocumented or uncontrolled corporate connections
19th December 2014 | News
A steelworks site was directly targeted using a very sophisticated spear phishing and social engineering method. The attackers gained access to the office network of the facility, then moved into the production network, which resulted in “massive damage to machinery.”
This incident is significant as it is only the second time a reliable source has publicly confirmed physical damage to control systems as the result of a cyber-attack.
OT IT Environments Overview
Internet
External/Remote/Internet
• Web and Cloud services
• Vendors and Support Partners
• Remote Access and Support
Enterprise Information Technology
• ERP, Email, VPN, Networks
Integration
• ERP to Plant integration systems
• MES/MOMS, SAP-PI, Networks
Operational Technology (OT)
• IT Supporting local production and processing operations
• SCADA, Industrial Control Systems, HMI, Automation, Networks, Process Control, PLCs
OT IT Security Architectures
External
ISA99/IEC62443
Example OT & Industrial Control System : SCADA
• SCADA System
– Supervisory Control And Data Acquisition
– Historian/Database app
– Graphical GUI & Visual Development app
– Windows/Unix PCs & Servers TCP/IP Network
• Which Controls…
– Programmable Logic Controllers (PLC)
• Which Controls Physical Systems…
– Instrumentation
– Sensors and actuators
– Valves
MES/MOMS – Manufacturing Execution System
MES requires connectivity between Enterprise and Operations
Industrial Risk Management
Demonstrating the Value of Risk Reduction
What is the Risk To Our Business From OT?
What is the impact of an outage at our plants?
• Cost of one day production outages at each plant?
• Number of sites and production days?
How exposed are we to Cyber Threats?
• What are the threats? How exposed to these threats are we?
• How Converged, Complex and Connected are OT/IT environments?
How often could an outage happen?
• Every Day? Every year? Every ten years?
Example Threat: Stuxnet & Advanced Targeted Attacks
A map showing infections of the related malware strains Stuxnet, Duqu, Flame and Gauss
Example Cybersecurity Risk Management Program
• Global Chemical Co.
• 85 Sites – Upstream & Downstream
• 35 Countries
• 6 Months time constraint
• Combination of Onsite and Self Assessment
• Qualitative and Quantitative Risk Reports
• Board Level Consultancy
• Detailed Remediation & Ongoing Governance Strategies
• Low to High OT complexity range across sites
• Wide range of OT capabilities and maturities
Types of Systems Discovered
How Exposed to Cyber Threats Are We?
OT Cybersecurity Risk Management Business Case
What is the cost impact of an outage at our plants?
• Average daily outages cost per plant: $32,443 per site
• Number of Sites: 70 sites
• Number of production Days: 240 days
• Cost of One Year Production Outage: $545,035,211
How exposed or vulnerable are you to IT/OT Risks?
• Cyber Risk Assessment Exposure Factor: 0.004 to 0.014 EF
How often could an outage happen?
• Between once every year and every 10 years: 1 to 0.1
Annualised Loss Expectancy is in the range: $218,014 to $7,630,492
Cost of Industrial Risk Management Program: $1,041,559
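The figures in this business case fit the standard annualised loss expectancy calculation (yearly outage cost × exposure factor × annual rate of occurrence). The Python below is an added example, not part of the original slides; the function names and the single-year break-even comparison against the programme cost are assumptions made for illustration.

```python
from itertools import product

# Figures as stated on the slide.
DAILY_COST_PER_SITE = 32_443        # average daily outage cost per plant (USD)
SITES = 70
PRODUCTION_DAYS = 240
ANNUAL_OUTAGE_COST = 545_035_211    # slide's "Cost of One Year Production Outage"
EF_RANGE = (0.004, 0.014)           # exposure factor from the cyber risk assessment
ARO_RANGE = (0.1, 1.0)              # once every 10 years .. once every year
PROGRAMME_COST = 1_041_559          # cost of the risk management programme (USD)

def ale(asset_value, exposure_factor, annual_rate):
    """Annualised loss expectancy = asset value x EF x ARO."""
    return asset_value * exposure_factor * annual_rate

def ale_range(asset_value, ef_range, aro_range):
    """Lowest and highest ALE over every EF/ARO corner of the ranges."""
    corners = [ale(asset_value, ef, aro) for ef, aro in product(ef_range, aro_range)]
    return min(corners), max(corners)

def rounding_gap():
    """Rounded slide inputs multiplied out, minus the slide's stated yearly total."""
    return DAILY_COST_PER_SITE * SITES * PRODUCTION_DAYS - ANNUAL_OUTAGE_COST

def required_risk_reduction(programme_cost, ale_value):
    """Share of the ALE the programme must remove to repay its cost in one
    year (assumption: cost and ALE are compared over the same 12 months).
    A result above 1.0 means it cannot break even within a year."""
    return programme_cost / ale_value

def sensitivity():
    """(EF, ARO, ALE, required reduction) for each corner of the ranges."""
    rows = []
    for ef, aro in product(EF_RANGE, ARO_RANGE):
        loss = ale(ANNUAL_OUTAGE_COST, ef, aro)
        rows.append((ef, aro, loss, required_risk_reduction(PROGRAMME_COST, loss)))
    return rows

if __name__ == "__main__":
    low, high = ale_range(ANNUAL_OUTAGE_COST, EF_RANGE, ARO_RANGE)
    print(f"ALE range: ${int(low):,} to ${int(high):,}")
    for ef, aro, loss, share in sensitivity():
        print(f"EF={ef} ARO={aro}: ALE=${loss:,.0f}, needs {share:.1%} reduction")
```

Under these assumptions the low end of the ALE range is below the programme cost, while at the high end removing roughly 14% of the expected loss repays the programme within a year.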
Case Study: Integrated IT OT Project in Oil and Gas
• A joint venture producer and distributor of Liquid Natural Gas (LNG) based in the Middle East operating a $6 Billion production and processing facility.
• Design and document an Information Security Management system and operating model
• Deliver clear information security organisation and governance and provide transparency of risks.
• Appropriate model for both the office and the plant environments, with the flexibility to address the different business priorities, challenges and levels of risk in each.
• Prepare for ISO27001 certification
Wipro Industrial Risk Management Practice
Service Catalogue
• Risk Assessment
• Integrated Architecture & Infrastructure
• Industrial CyberShield
• iFAT Security Testing and Assurance
• Industrial Threat Intelligence
• Pilot Assurance Programs
• Program Resourcing
• IT OT Service Rationalisation
• NERC CIP Compliance Assurance
• Cybersecure Managed Services
• Cybersecurity Strategy, Governance, Frameworks
Profiles
Principal Cybersecurity Consultant
• CISM, CISSP, CISA, CGEIT, GICSP
• 15 years exp. Manufacturing & supply chain
Quality, Risk & Compliance Consultant
• CISA, CISM, CRISC, IAPP, GAMP5, ISO 9001
• 12-20 years experience
Cybersecurity Engineer
• GICSP
• 10 years experience Engineering/Security
Alliances
Questions?
Industrial Cyber Shield - DPI2
The costs of running the latest secure versions of Operating Systems and SCADA Software can be prohibitive to the business. Cyber Shield allows secure operation of legacy systems whilst investing in the future.
• Pre-Patch Shield
– Make the patching process work to your business…not the other way around
– Allows extended patching lifecycle
• SCADA Shield
– Securely run legacy SCADA software systems
– Extend system lifespan and investment
• OS Shield
– Protect Investments in legacy Operating Systems – Win XP
– Extend system lifespan and investment
• Cyber-Physical Shield
– Protect lives and manage physical Health and Safety risks
DPI2 – Deep Packet Industrial Inspection
• SCADA and Industrial aware NextGen Security Solutions
• Detailed service aware inspection of SCADA and Industrial protocols: Modbus, IEC 101/104, DNP-3, IEC61850
• Intra and inter ISA99 IEC 62443 security zone applications
CybOps – Managed Cybersecurity Operations
• Centralised Cybersecurity Management for distributed OT/SCADA/ICS/IoT environments
• View your entire OT estate, assets and security compliance posture
• Control and monitor secure remote access
• Automate patching and AV processes to free up engineering resource
• NERC CIP Compliant inventory, logging and reporting
• Define and enforce central security policies
• Understand risks and make informed decisions
• Flexible, local, cloud and MSSP deployment options and pricing
Security Dashboard
Centralised Management
Asset & Compliance Report
Cybersecurity: Physical Perimeter Services
This is your perimeter in the physical world, protecting you from unauthorised intrusions, damage and theft using gates, walls, doors, locks and access control and intrusion technology solutions
• Spidernet USIMS - Unified Security Information Management Systems
– Physical threat monitoring and alerting
• Environmental Threat Assessments
– Site access process
– WAN/LAN cable single point of failure
– Visitor and Third Party Access
– Power failure
– Data and Control room HVAC
Case Study: Integrated IT OT Cyber Risk Management
Deliverables
Benefits
• Cyber Risk review and management strategy for UK Water Utility covering both IT and OT
• Standardise and formalise cyber risk management process, governance and organisation across the business
• Raise awareness of risks to business from OT
• Identify OT Systems, accountabilities and potential impact on Critical Business Processes
• Collaboration and alignment between IT and OT teams